Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-18 | CVE-2022-1037 | Server-Side Request Forgery (SSRF) vulnerability in Villatheme Exmage The EXMAGE WordPress plugin before 1.0.7 does to ensure that images added via URLs are external images, which could lead to a blind SSRF issue by using local URLs | 6.5 |
| 2022-04-15 | CVE-2022-27426 | Server-Side Request Forgery (SSRF) vulnerability in Chamilo LMS A Server-Side Request Forgery (SSRF) in Chamilo LMS v1.11.13 allows attackers to enumerate the internal network and execute arbitrary system commands via a crafted Phar file. | 6.5 |
| 2022-04-15 | CVE-2022-26499 | Server-Side Request Forgery (SSRF) vulnerability in multiple products An SSRF issue was discovered in Asterisk through 19.x. | 9.1 |
| 2022-04-08 | CVE-2022-22339 | Server-Side Request Forgery (SSRF) vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 is vulnerable to server-side request forgery (SSRF). | 6.5 |
| 2022-04-07 | CVE-2021-36202 | Server-Side Request Forgery (SSRF) vulnerability in Johnsoncontrols products Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. | 6.5 |
| 2022-04-07 | CVE-2020-27375 | Server-Side Request Forgery (SSRF) vulnerability in Drtrustusa Icheck Connect BP Monitor BP Testing 118 Firmware 1.2.1 Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Transmitting Write Requests and Chars. | 3.3 |
| 2022-04-05 | CVE-2022-1213 | Server-Side Request Forgery (SSRF) vulnerability in Livehelperchat Live Helper Chat SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. | 5.5 |
| 2022-04-04 | CVE-2022-1188 | Server-Side Request Forgery (SSRF) vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 where a blind SSRF attack through the repository mirroring feature was possible. | 5.0 |
| 2022-04-04 | CVE-2022-0990 | Server-Side Request Forgery (SSRF) vulnerability in Calibre-Web Project Calibre-Web Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18. | 6.4 |
| 2022-04-04 | CVE-2022-0939 | Server-Side Request Forgery (SSRF) vulnerability in Calibre-Web Project Calibre-Web Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18. | 7.5 |